Highrise Consulting, Inc. Capabilities Presentation
Introduction Highrise Consulting, Inc. is an established (since 2007) small-business Information Technology (IT) company headquartered in Bethesda, MD. Our goal is to provide our clients with the best technology services that contribute to building the most powerful, reliable and cost-effective solutions in the IT industry. Contract Vehicles: NAICS Codes: GSA – Federal Supply Schedule: 518210 - Data Processing, Hosting, & Related Services • Federal Supply Schedule 70 - General Purpose 541330 - Engineering Services Commercial Information Technology Equipment, 541511 - Custom Computer Programming Services Software, and Services • SINs: 132-51, 132-56 541512 - Computer Systems Design Services • Highrise GSA IT70 Rates 541513 - Computer Facilities Management Services 541519 - Other Computer Related Services NIH CIO-SP3 SB: • Prime on the CIO-SP3 Small Business 541611 - Administrative Management and General Management • Highrise CIO-SP3 rates Consulting Services 541690 - Other Scientific & Technical Consulting Services NIH Blanket Purchase Agreement (BPA): 541990 - All Other Professional, Scientific, and Technical Services • Information Technology Professional Services • $500K max per order, unlimited number of orders 611420 - Computer Training • NIH BPA Program 2
Capabilities Summary • Cloud : Cloud Adoption, Cloud Providers Evaluation and • Software Development : Object Oriented Analysis Security; Network and Systems Architecture; Process and Design; Java Enterprise Edition (JEE) Improvement and Cloud Administration; Authority to development; .NET Development; Apache/Tomcat Operate (ATO) package and Cost Management setup and configuration; Client (JavaScript, AJAX, Tiles) and server-side programming; Relational • Cybersecurity : Support Audits; Identify threats; database design; DBC API, SQL, PL/SQL Oracle Cybersecurity Preparedness; Cloud Security; Asset Database Management Systems; Web Services, Management Service Oriented Architecture, XML; Testing tools and technologies such as JUnit and Selenium; Single • Business Analysis : Business Process Analysis; Business sign-on development; Secure development Process Management; Requirements Analysis; Stakeholder practices; Angular JS; Workflow/ BPM development Collaboration; • Testing and QA : Test Strategy Evaluation and • Operations Support : Infrastructure Operations and Implementation; Functional Testing; Performance Maintenance; Database Administration; Network and Storage Management; Cybersecurity; Incident and Load Testing; Test Automation; Security Testing; Test Data Management; Tool evaluation Management and recommendation • SharePoint : Microsoft Gold Collaboration and Content Competency; 10-year experience in SharePoint consulting • Service Desk : Functional Service Desk Support; and development; Custom solutions on SharePoint Online Communications, Documentation, and Training and SharePoint On-Premises for numerous Federal support; Account Management Support; Enterprise agencies; Proven track record of successful SharePoint Service Desk tools implementation and migrations – 2016, 2019, Online, Office 365 management 3
Grants Management Expertise Expertise delivering grants management services and solutions across the federal government • Employ over 150 professionals that specialize in the Grants Management arena • Full life cycle software development using Agile Software Methodology • Grants business process modeling and program onboarding • Grants system architectural support, including integration with systems such as Grants.gov and UFMS. • 24/7 systems and user support including emergency response • Knowledge of building, growing and marketing two of the largest HHS grants management shared service providers • National Institutes of Health (NIH)/electronic Research Administration (eRA) : Provide services across all major areas of the • enterprise program including partner development and management, business analysis, software design and development, operations, user support and helpdesk, and partner agency onboarding and training. Administration for Children and Families (ACF)/GrantSolutions.gov : Provide services across all phases of the funding opportunity • announcement and application review processes utilized by the partner federal agencies. Understanding of federal shared services approach: Standardize, streamline, and increase value through the delivery of information technology • services; Strike a balance between a one solution fits all approach and a unique solution for each approach. • Supported the onboarding activities of the Substance Abuse and Mental Health Services Administration (SAMHSA) using the NIH/eRA grants management system. Provided New Agency Onboarding business analysis, business process re-engineering, onboarding support and training, and overall support of the agency’s business processes and workloads. • Supported the engagement of federal agencies that utilize the NIH/eRA grants Stakeholder Collaboration management system. Provided business experts who engaged with stakeholders to elicit feedback, encourage collaboration and identification of shared business needs. • Provided the vision and approach for the development of a shared services module to support the Funding Opportunity Announcement business process to be utilized by Shared Services Implementation GrantSolutions.gov and NIH/eRA grants management systems. Provided business analysis design, requirements gathering, stakeholder engagement, and requirements management. 4
Cloud – Understanding Challenges • Cloud Adoption - organizations do not have a robust cloud adoption strategy in place prior to migration, resulting in projects lacking established standards, security configurations and embracing of new processes and platforms by staff • Migration – preparing and moving existing systems and applications to cloud environment present many challenges, including system preparation and upgrades, large volume migration, executing cutover with minimal disruptions • Security - it is essential to ensure that critical cloud assets are well protected. Misconfigured cloud services frequently result in data breaches • Compliance - ensuring that organizations are compliant with NIH/HHS security standards after migration. NIH does not have clear cloud-specific security requirements. • Governance/Control - ensure that cloud assets are properly provisioned, controlled and maintained in accordance with organization’s CM policies. • Authority to Operate – creating ATO package requires incorporating NIH/HHS requirements, GAO recommendations, and cloud-specific aspects of an organization • Cost Management - on-demand and scalable nature of cloud computing services presents unique challenges planning and managing costs 5
Cloud - Adoption Utilize Cloud Adoption Framework (CAF) maturity heat map to identify the program’s maturity and expose potential cloud • adoption inhibitors People: Evaluate organizational structure, roles and expertise • Process: Evaluate program and project management • Business: Assess business strategy and goals • Security: Define the security strategy • Operations: Define the operational strategy • Maturity: Prepare for the target state • Platform: Provide guidance for optimal use through cloud design principles and patterns • 6
Cloud - Success Story: NIH eRA Program • Established security architecture compliant with Federal Trusted Internet Connection (TIC) requirements Cloud Security • Implemented (CIS) baselines for consistent implementation of NIH/HHS/eRA requirements • Successfully migrated NIH eRA Non-Prod and Prod 100+ systems to AWS on time and within budget Cloud Migration • Significant cost savings by moving to cloud • Streamlined environment provisioning and management using automation • NIH eRA is the first National Institutes of Health (NIH) enterprise system receiving Authority to Operate (ATO) in a cloud environment Cloud ATO • Reviewers commented that ATO package was one of the best approved by OCIO • Designed NIH eRA networking approach consistent with NIH long-term network requirements and compliant with Federal Trusted Internet Cloud Network Connection (TIC) requirements • eRA to NIH to cloud networking connectivity that can be utilized by other NIH organizations 7
Cybersecurity – Understanding Challenges • Supporting Audit – preparing and maintaining program security documentation, conducting internal audits and interfacing with federal auditors, respond to findings • Identifying threats - knowing when your organization is under attack to be able to swiftly identify and shut down malicious threats • Cybersecurity preparedness - understanding if your cybersecurity is capable of standing up to the latest threats is pivotal to effective risk mitigation • Incident response - addressing cybersecurity threats is a huge challenge requiring rapid attack detection and incident response capabilities • Cloud Security - it is essential to ensure that critical cloud assets are well protected. Misconfigured cloud instances frequently result in data breaches • Asset Management - continuous, real-time visibility of all critical assets and software to know all of the authorized and unauthorized devices and software within your environment 8
Recommend
More recommend